Cyber Threat Detection Analyst
Role details
Job location
Tech stack
Job description
As a Cyber Threat Detection Analyst, you will be a key contributor within a blue team security function, responsible for identifying, analysing, and responding to cyber threats across enterprise environments. You will work hands on with modern detection and response tooling, supporting investigations and helping to strengthen the organisation's overall cyber defence capability. This role is ideal for someone who enjoys analytical problem solving, working closely with security data, and developing their technical skills within a collaborative and high performing team., * Monitor security tools and alerting platforms to identify suspicious activity and potential threats
- Carry out structured investigations using log data, telemetry, and supporting threat intelligence
- Perform evidence driven analysis to determine the scope, impact, and root cause of security events
- Support incident response activities, including containment, remediation, and escalation where required
- Collaborate closely with SOC, incident response, and engineering teams to ensure effective outcomes
- Participate in post incident reviews, contributing to lessons learned and continuous improvement
- Assist in enhancing detection logic, investigative workflows, and response processes, Cyber Threat Detection, Security Operations, SOC Analyst, Blue Team, Threat Hunting, Threat Intelligence, Incident Response, Incident Handling, SIEM, Elastic Security, Microsoft Sentinel, Splunk, Log Analysis, Security Monitoring, Detection Engineering, Use Case Development, MITRE ATT&CK, Adversary Tactics, Indicators of Compromise, IOC Analysis, EDR, XDR, Microsoft Defender, CrowdStrike, SentinelOne, Endpoint Security, Network Security, Firewall, IDS, IPS, DNS, TCP/IP, VPN, Azure Security, AWS Security, Cloud Security Monitoring, KQL, ES|QL, Kibana Query Language, PowerShell, Python, SOAR, Security Automation, Digital Forensics, Malware Analysis, Cyber Defence, Cyber Security Analyst
Requirements
- Experience working in a SOC, cyber defence, or threat detection environment
- Experience with SIEM platforms including Elastic Security, Microsoft Sentinel, and Splunk, using KQL, ES|QL, and Kibana Query Language to analyse and interpret security data
- Familiarity with incident response processes and the security event lifecycle
- Exposure to endpoint detection and response technologies such as Microsoft Defender, CrowdStrike, SentinelOne, or Carbon Black
- Understanding of attacker techniques and frameworks such as MITRE ATT&CK
- Solid knowledge of core networking concepts including TCP/IP, DNS, HTTP/S, firewalls, and VPNs
- Experience analysing logs from Windows, Linux, cloud, and network sources
- Strong analytical and communication skills, with the ability to clearly document and explain findings, * Experience with cloud security monitoring (Azure, AWS, or GCP)
- Exposure to threat intelligence feeds and IOC enrichment
- Scripting or automation experience using KQL, PowerShell, Python, or similar
- Familiarity with SOAR tooling and automated response workflows
- Experience working in regulated, high security, or mission critical environments
Benefits & conditions
- CompTIA Security+ or CySA+
- Microsoft SC 200 or related security certifications
- GIAC certifications such as GCIH or GCIA
- CREST, EC Council, or other recognised cyber security credentials
Why Join? Exceptional opening within a globally recognised organisation Competitive salary with an excellent benefits package Strong focus on training, certifications, and career progression Exposure to modern security tooling and real world threat scenarios Opportunity to work alongside experienced cyber security professionals Don't delay in applying via the link!
